Message-ID: <86e6659bc8dd135491dc34bdb247caf05d8d2ad8.camel@HansenPartnership.com>
Date: Thu, 12 Sep 2024 08:28:02 -0400
From: James Bottomley <James.Bottomley@...senPartnership.com>
To: Cedric Xing <cedric.xing@...el.com>, Dan Williams
 <dan.j.williams@...el.com>,  Samuel Ortiz <sameo@...osinc.com>, Lukas
 Wunner <lukas@...ner.de>, Dionna Amalie Glaze <dionnaglaze@...gle.com>,
 Qinkun Bao <qinkun@...gle.com>, Mikko Ylinen
 <mikko.ylinen@...ux.intel.com>, Kuppuswamy Sathyanarayanan
 <sathyanarayanan.kuppuswamy@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, linux-coco@...ts.linux.dev
Subject: Re: [PATCH RFC 3/3] tsm: Add TVM Measurement Sample Code

On Sat, 2024-09-07 at 23:56 -0500, Cedric Xing wrote:
> This sample kernel module demonstrates how to make MRs accessible to
> user mode through TSM.
> 
> Once loaded, this module registers a virtual measurement provider
> with the TSM core and will result in the directory tree below.
> 
> /sys/kernel/tsm/
> └── measurement-example
>     ├── config_mr
>     ├── full_report
>     ├── report_digest
>     ├── rtmr0
>     │   ├── append_event
>     │   ├── digest
>     │   ├── event_log
>     │   └── hash_algo
>     ├── rtmr1
>     │   ├── append_event
>     │   ├── digest
>     │   ├── event_log
>     │   └── hash_algo
>     ├── static_mr
>     └── user_data

I'm not sure this is the best structure to apply to logs with multiple
banks (hash algorithms).  There needs to be a way to get the same
register's measurement for each bank, but the log should sit above that
(appending should extend all active banks).

How about

/sys/kernel/tsm/
└──<measurement type>
   ├──reg0
   │   ├── <log format>
   │   │   ├── append_event
   │   │   └── event_log
   │   ├── <hash algo>  
   │  ...  └── digest
   ...

That way it supports multiple log formats (would be the job of the log
extender to ensure compatibility) and multiple banks.

James
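
A small user-space model of the layout proposed above, added here as an illustration and not part of the original message or of the TSM patch set: one event log per register sits above several hash banks, and a single append extends every active bank. The names `Register`, `extend`, `replay` and `verify`, the TPM-style extend rule and the all-zero initial value are assumptions made for the example.

```python
import hashlib

# Assumption: TPM-style extend, new = H(old || H(event)), starting from all zeros.
def extend(algo, old, event):
    measured = hashlib.new(algo, event).digest()
    return hashlib.new(algo, old + measured).digest()

class Register:
    """Hypothetical model: one event log above several hash banks."""

    def __init__(self, algos):
        # One digest per active bank, keyed by hashlib algorithm name.
        self.banks = {a: bytes(hashlib.new(a).digest_size) for a in algos}
        self.event_log = []  # shared by every bank

    def append_event(self, event):
        # A single append records the event once and extends all active banks.
        self.event_log.append(event)
        for algo, old in self.banks.items():
            self.banks[algo] = extend(algo, old, event)

def replay(event_log, algo):
    """Recompute the digest a bank should hold after the given log."""
    digest = bytes(hashlib.new(algo).digest_size)
    for event in event_log:
        digest = extend(algo, digest, event)
    return digest

def verify(reg):
    """Return the banks whose digest does not match a replay of the shared log."""
    return [a for a, d in reg.banks.items() if replay(reg.event_log, a) != d]

# Constructed sample events, not taken from any real log.
SAMPLE_EVENTS = [b"kernel cmdline: ro quiet", b"initrd loaded"]

def demo():
    reg = Register(["sha256", "sha384"])
    for event in SAMPLE_EVENTS:
        reg.append_event(event)
    return reg

if __name__ == "__main__":
    reg = demo()
    for algo, digest in reg.banks.items():
        print(algo, digest.hex())
    print("mismatched banks:", verify(reg))
```

A bank that is extended without going through the shared log no longer replays, which is the inconsistency that extending all active banks on append avoids.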

